SSH with ed25519
gniibe at fsij.org
Wed Aug 12 15:46:27 CEST 2015
I forgot when I tested OpenSSH with Ed25519, it worked at that
time. Today, I needed a patch like this:
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 2a3037c..7526634 100644
@@ -1964,6 +1964,11 @@ ssh_key_to_blob (gcry_sexp_t sexp, int with_secret,
err = gpg_error (GPG_ERR_INV_SEXP);
+ if (data == 0x40)
err = stream_write_string (stream, data, datalen);
The above fix is not quite right (I think that always removing the
prefix is right), but I'm not sure if there's existing old keys.
In the git commit log, I found following change. I think that after
this change, we need to remove prefix when sending to SSH.
Author: Werner Koch <wk at gnupg.org>
Date: Thu Jul 24 16:16:53 2014 +0200
gpg: Switch to an EdDSA format with prefix byte.
* g10/keygen.c (gen_ecc): USe "comp" for EdDSA.
More information about the Gnupg-devel